What Does the Konektadong Pinoy Act Change for Internet Access?

News hook: Republic Act No. 12234, the Konektadong Pinoy Act, lapsed into law on August 24, 2025, took effect on September 14, 2025, and its Implementing Rules and Regulations became effective in December 2025 — marking the most significant overhaul of Philippine telecommunications law since the Public Telecommunications Policy Act of 1995.

Legal question

What rights, obligations, and market changes does RA 12234 (Konektadong Pinoy Act) create for internet service providers, satellite operators, consumers, and competing telcos in the Philippines?

Applicable laws and rules

Republic Act No. 12234 (Konektadong Pinoy Act, 2025) — the primary law establishing the comprehensive data transmission and connectivity framework
Republic Act No. 7925 (Public Telecommunications Policy Act of the Philippines, 1995) — partially repealed by RA 12234, specifically Sections 7, 11, 16, and 23 insofar as they apply to Data Transmission Industry Participants
Act No. 3846 (Radio Control Law) — the colonial-era franchise requirement repealed by RA 12234 insofar as it applies to Data Transmission Industry Participants
Republic Act No. 10175 (Cybercrime Prevention Act of 2012) — cybersecurity compliance and NCERT reporting obligations that DTIPs must align with
Republic Act No. 10173 (Data Privacy Act of 2012) — privacy compliance framework referenced in the RA 12234 IRR (ISO/IEC 27701 standard)
IRR of RA 12234 — signed by DICT on November 5, 2025; released December 1, 2025; effective December 16-17, 2025
NTC Memorandum Circular No. 002-02-2026 — sets P100 million minimum asset threshold for core/backbone network operators and defines four DTIP network segments

Why this matters

Internet access in the Philippines has long been criticized as among the slowest and most expensive in Southeast Asia, with a market dominated by two or three large players. The Konektadong Pinoy Act restructures the legal foundation of that market from top to bottom: it removes the congressional franchise that previously acted as a gate on new entrants, mandates that existing network owners share their infrastructure on fair terms, grants satellite providers like Starlink-type operators direct deployment rights without going through a legacy telco, and requires all providers to meet internationally-recognized cybersecurity standards. For ordinary Filipinos, this means more potential competition, which can lower prices and raise service quality — provided the new framework is enforced.

The legal frame

At its core, RA 12234 replaces the congressional franchise system with NTC administrative registration for all Data Transmission Industry Participants (DTIPs). Before this law, anyone wanting to provide internet, VoIP, or satellite broadband services needed a legislative franchise — an Act of Congress — in addition to NTC authorization. This requirement, rooted in RA 7925 and the older Act No. 3846 (Radio Control Law), meant that market entry depended on legislative action, which was slow and susceptible to incumbent influence. RA 12234 expressly repeals the franchise requirement as it applies to DTIPs: registration with the NTC now suffices. DICT is designated the highest policy-making body; NTC remains the principal regulatory and adjudicative body and jointly maintains with DICT a public registry of all registered DTIPs including their cybersecurity certification status.

The competition framework operates on two levels. First, mandatory infrastructure sharing: access providers must grant network access — including co-location of equipment — on fair, reasonable, and non-discriminatory (FRAND) terms, preventing dominant players from blocking new entrants by denying access to towers, conduits, and backhaul. Second, a Significant Market Power (SMP) mechanism: the Philippine Competition Commission must conduct an SMP analysis approximately one year after implementation. DTIPs found to have SMP face additional obligations — stricter transparency, regulated access, and pricing requirements. The PCC and NTC formalized their coordination on this via a Memorandum of Agreement signed September 20, 2025. The law also creates a Dig Once Policy: DICT and DPWH must coordinate so that DTIPs can lay fiber cables alongside any public infrastructure project (roads, bridges, public works), dramatically cutting deployment costs for new entrants who would otherwise need to excavate separately.

For satellite providers, RA 12234 is transformative. It expressly classifies Satellite Systems Providers or Operators (SSPOs) as DTIPs, and grants them the right to deploy their technology and use associated spectrum without being required to lease capacity from existing public telecommunications entities (PTEs). Previously, satellite operators without a congressional franchise had to route through existing licensed PTEs, which gave incumbents gate-keeping power over satellite broadband. Under RA 12234, an SSPO can register with the NTC and deploy independently — a provision that directly enables next-generation low-earth orbit (LEO) satellite broadband providers. NTC Memorandum Circular No. 002-02-2026 (effective early 2026) further structures this by dividing the market into four network segments: International Gateway Facility (IGF), Core/Backbone Network, Middle Mile, and Last Mile — with a P100 million minimum asset threshold applying to core network operators.

All DTIPs carry new cybersecurity obligations. Within two years of NTC registration, each DTIP must obtain either a third-party certification under ISO/IEC 27001 (Information Security Management Systems) or a certificate of compliance from the DICT Cybersecurity Bureau. The IRR specifies additional recognized frameworks: ISO/IEC 27701 (Privacy Information Management Systems, linking cybersecurity compliance to the Data Privacy Act), NIST Cybersecurity Framework, CIS Controls v.8, and COBIT. DTIPs are subject to periodic audits by DICT or DICT-accredited third parties, and must report cybersecurity incidents to the National CERT (NCERT) under the RA 10175 framework. Net neutrality principles — protecting internet openness, consumer choice, freedom of expression, and the freedom to innovate without permission — are also codified in the law.

What individuals should know

Consumers do not need to take any immediate action under RA 12234, but they should understand how the law changes the landscape: (1) New ISPs and satellite broadband providers may enter the market with fewer barriers — if you receive a marketing offer from a provider you have not heard of, it may be a legitimately registered DTIP operating under the new framework rather than an unlicensed operator. You can verify registration status on the NTC-DICT public DTIP registry. (2) If you are an existing customer experiencing poor service, the law's infrastructure sharing mandate and NTC's role as adjudicator give you a stronger regulatory basis to file a complaint. (3) If you are a business considering operating as an ISP, VoIP provider, or satellite broadband operator, the franchise requirement is gone — you now need NTC registration, a technical feasibility study, a cybersecurity plan, and (for core networks) at least P100 million in assets. (4) If you are already a licensed PTE or ISP, you must now provide FRAND-basis infrastructure access to competitors, comply with the cybersecurity certification deadline (two years from NTC registration), and prepare for a possible SMP designation by the PCC. (5) DICT's goal, stated at the IRR signing, is affordable, best-quality internet comparable to global standards by 2028 — enforcement of the new framework will determine whether that target is met.

Ask PHLaw.AI

Try: "Under the Konektadong Pinoy Act, what are the cybersecurity certification requirements for an ISP registering with the NTC, and what happens if the deadline is missed?"

Ask about this topic